From a6eb3b25e9b7bd9131eaa57a817879a9043d3de1 Mon Sep 17 00:00:00 2001 From: Doug Simmons Date: Thu, 10 Mar 2022 02:08:36 -0800 Subject: [PATCH 1/2] Add support for an environ (V2) endpoint Add the ability to configure a DRONE_ENV_PLUGIN_ENDPOINT with the runner Bump drone-go to v1.6.0 Bump runner-go to 1.7.0 Bump to go1.16 --- .drone.yml | 4 +- command/compile.go | 13 ++- command/daemon/config.go | 6 + command/daemon/daemon.go | 26 +++-- command/exec.go | 13 ++- engine/compiler/compiler.go | 184 +++++++++++++++---------------- engine/compiler/compiler_test.go | 66 ++++++----- engine/spec.go | 4 +- go.mod | 6 +- go.sum | 7 ++ runtime/execer.go | 4 +- runtime/runner.go | 14 +-- runtime/type.go | 65 +++++++++++ 13 files changed, 263 insertions(+), 149 deletions(-) create mode 100644 runtime/type.go diff --git a/.drone.yml b/.drone.yml index 99e12a6..ef2cc14 100644 --- a/.drone.yml +++ b/.drone.yml @@ -7,7 +7,7 @@ platform: steps: - name: test - image: golang:1.13 + image: golang:1.16 commands: - go test -cover ./... volumes: @@ -15,7 +15,7 @@ steps: path: /go - name: build - image: golang:1.13 + image: golang:1.16 commands: - sh scripts/build.sh volumes: diff --git a/command/compile.go b/command/compile.go index 0ee620e..1d75d3b 100644 --- a/command/compile.go +++ b/command/compile.go @@ -14,8 +14,11 @@ import ( "github.com/drone-runners/drone-runner-ssh/command/internal" "github.com/drone-runners/drone-runner-ssh/engine/compiler" "github.com/drone-runners/drone-runner-ssh/engine/resource" + "github.com/drone-runners/drone-runner-ssh/runtime" + "github.com/drone/envsubst" "github.com/drone/runner-go/environ" + "github.com/drone/runner-go/environ/provider" "github.com/drone/runner-go/manifest" "github.com/drone/runner-go/secret" @@ -79,6 +82,11 @@ func (c *compileCommand) run(*kingpin.ParseContext) error { // compile the pipeline to an intermediate representation. comp := &compiler.Compiler{ + Environ: provider.Static(c.Environ), + Secret: secret.StaticVars(c.Secrets), + } + + args := runtime.CompilerArgs{ Pipeline: resource, Manifest: manifest, Build: c.Build, @@ -86,10 +94,9 @@ func (c *compileCommand) run(*kingpin.ParseContext) error { Repo: c.Repo, Stage: c.Stage, System: c.System, - Environ: c.Environ, - Secret: secret.StaticVars(c.Secrets), } - spec := comp.Compile(nocontext) + + spec := comp.Compile(nocontext, args) // encode the pipeline in json format and print to the // console for inspection. diff --git a/command/daemon/config.go b/command/daemon/config.go index 6575980..bb8b935 100644 --- a/command/daemon/config.go +++ b/command/daemon/config.go @@ -61,6 +61,12 @@ type Config struct { Trusted bool `envconfig:"DRONE_LIMIT_TRUSTED"` } + Environ struct { + Endpoint string `envconfig:"DRONE_ENV_PLUGIN_ENDPOINT"` + Token string `envconfig:"DRONE_ENV_PLUGIN_TOKEN"` + SkipVerify bool `envconfig:"DRONE_ENV_PLUGIN_SKIP_VERIFY"` + } + Secret struct { Endpoint string `envconfig:"DRONE_SECRET_PLUGIN_ENDPOINT"` Token string `envconfig:"DRONE_SECRET_PLUGIN_TOKEN"` diff --git a/command/daemon/daemon.go b/command/daemon/daemon.go index 463a00c..0c018d9 100644 --- a/command/daemon/daemon.go +++ b/command/daemon/daemon.go @@ -9,16 +9,18 @@ import ( "time" "github.com/drone-runners/drone-runner-ssh/engine" + "github.com/drone-runners/drone-runner-ssh/engine/compiler" "github.com/drone-runners/drone-runner-ssh/engine/resource" "github.com/drone-runners/drone-runner-ssh/internal/match" "github.com/drone-runners/drone-runner-ssh/runtime" "github.com/drone/runner-go/client" + "github.com/drone/runner-go/environ/provider" "github.com/drone/runner-go/handler/router" "github.com/drone/runner-go/logger" loghistory "github.com/drone/runner-go/logger/history" - "github.com/drone/runner-go/pipeline/history" - "github.com/drone/runner-go/pipeline/remote" + "github.com/drone/runner-go/pipeline/reporter/history" + "github.com/drone/runner-go/pipeline/reporter/remote" "github.com/drone/runner-go/secret" "github.com/drone/runner-go/server" "github.com/drone/signal" @@ -83,11 +85,21 @@ func (c *daemonCommand) run(*kingpin.ParseContext) error { config.Limit.Events, config.Limit.Trusted, ), - Secret: secret.External( - config.Secret.Endpoint, - config.Secret.Token, - config.Secret.SkipVerify, - ), + Compiler: &compiler.Compiler{ + Environ: provider.Combine( + provider.Static(config.Runner.Environ), + provider.External( + config.Environ.Endpoint, + config.Environ.Token, + config.Environ.SkipVerify, + ), + ), + Secret: secret.External( + config.Secret.Endpoint, + config.Secret.Token, + config.Secret.SkipVerify, + ), + }, Execer: runtime.NewExecer( tracer, remote, diff --git a/command/exec.go b/command/exec.go index 5e0ab44..575a341 100644 --- a/command/exec.go +++ b/command/exec.go @@ -18,13 +18,15 @@ import ( "github.com/drone-runners/drone-runner-ssh/engine/compiler" "github.com/drone-runners/drone-runner-ssh/engine/resource" "github.com/drone-runners/drone-runner-ssh/runtime" + "github.com/drone/drone-go/drone" "github.com/drone/envsubst" "github.com/drone/runner-go/environ" + "github.com/drone/runner-go/environ/provider" "github.com/drone/runner-go/logger" "github.com/drone/runner-go/manifest" "github.com/drone/runner-go/pipeline" - "github.com/drone/runner-go/pipeline/console" + "github.com/drone/runner-go/pipeline/streamer/console" "github.com/drone/runner-go/secret" "github.com/drone/signal" @@ -95,6 +97,11 @@ func (c *execCommand) run(*kingpin.ParseContext) error { // compile the pipeline to an intermediate representation. comp := &compiler.Compiler{ + Environ: provider.Static(c.Environ), + Secret: secret.StaticVars(c.Secrets), + } + + args := runtime.CompilerArgs{ Pipeline: resource, Manifest: manifest, Build: c.Build, @@ -102,10 +109,8 @@ func (c *execCommand) run(*kingpin.ParseContext) error { Repo: c.Repo, Stage: c.Stage, System: c.System, - Environ: c.Environ, - Secret: secret.StaticVars(c.Secrets), } - spec := comp.Compile(nocontext) + spec := comp.Compile(nocontext, args) // create a step object for each pipeline step. for _, step := range spec.Steps { diff --git a/engine/compiler/compiler.go b/engine/compiler/compiler.go index 20989dc..976cd68 100644 --- a/engine/compiler/compiler.go +++ b/engine/compiler/compiler.go @@ -10,11 +10,11 @@ import ( "strings" "github.com/drone-runners/drone-runner-ssh/engine" - "github.com/drone-runners/drone-runner-ssh/engine/resource" + "github.com/drone-runners/drone-runner-ssh/runtime" - "github.com/drone/drone-go/drone" "github.com/drone/runner-go/clone" "github.com/drone/runner-go/environ" + "github.com/drone/runner-go/environ/provider" "github.com/drone/runner-go/manifest" "github.com/drone/runner-go/secret" @@ -28,43 +28,9 @@ var random = uniuri.New // Compiler compiles the Yaml configuration file to an // intermediate representation optimized for simple execution. type Compiler struct { - // Manifest provides the parsed manifest. - Manifest *manifest.Manifest - - // Pipeline provides the parsed pipeline. This pipeline is - // the compiler source and is converted to the intermediate - // representation by the Compile method. - Pipeline *resource.Pipeline - - // Build provides the compiler with stage information that - // is converted to environment variable format and passed to - // each pipeline step. It is also used to clone the commit. - Build *drone.Build - - // Stage provides the compiler with stage information that - // is converted to environment variable format and passed to - // each pipeline step. - Stage *drone.Stage - - // Repo provides the compiler with repo information. This - // repo information is converted to environment variable - // format and passed to each pipeline step. It is also used - // to clone the repository. - Repo *drone.Repo - - // System provides the compiler with system information that - // is converted to environment variable format and passed to - // each pipeline step. - System *drone.System - - // Environ provides a set of environment varaibles that + // Environ provides a set of environment variables that // should be added to each pipeline step by default. - Environ map[string]string - - // Netrc provides netrc parameters that can be used by the - // default clone step to authenticate to the remote - // repository. - Netrc *drone.Netrc + Environ provider.Provider // Secret returns a named secret value that can be injected // into the pipeline step. @@ -72,38 +38,39 @@ type Compiler struct { } // Compile compiles the configuration file. -func (c *Compiler) Compile(ctx context.Context) *engine.Spec { - os := c.Pipeline.Platform.OS +func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) *engine.Spec { + pipeline := args.Pipeline + os := pipeline.Platform.OS spec := &engine.Spec{ Platform: engine.Platform{ - OS: c.Pipeline.Platform.OS, - Arch: c.Pipeline.Platform.Arch, - Variant: c.Pipeline.Platform.Variant, - Version: c.Pipeline.Platform.Version, + OS: pipeline.Platform.OS, + Arch: pipeline.Platform.Arch, + Variant: pipeline.Platform.Variant, + Version: pipeline.Platform.Version, }, Server: engine.Server{ - Hostname: c.Pipeline.Server.Host.Value, - Username: c.Pipeline.Server.User.Value, - Password: c.Pipeline.Server.Password.Value, - SSHKey: c.Pipeline.Server.SSHKey.Value, + Hostname: pipeline.Server.Host.Value, + Username: pipeline.Server.User.Value, + Password: pipeline.Server.Password.Value, + SSHKey: pipeline.Server.SSHKey.Value, }, } // maybe load the server host variable from secret - if s, ok := c.findSecret(ctx, c.Pipeline.Server.Host.Secret); ok { + if s, ok := c.findSecret(ctx, args, pipeline.Server.Host.Secret); ok { spec.Server.Hostname = s } // maybe load the server username variable from secret - if s, ok := c.findSecret(ctx, c.Pipeline.Server.User.Secret); ok { + if s, ok := c.findSecret(ctx, args, pipeline.Server.User.Secret); ok { spec.Server.Username = s } // maybe load the server password variable from secret - if s, ok := c.findSecret(ctx, c.Pipeline.Server.Password.Secret); ok { + if s, ok := c.findSecret(ctx, args, pipeline.Server.Password.Secret); ok { spec.Server.Password = s } // maybe load the server ssh_key variable from secret - if s, ok := c.findSecret(ctx, c.Pipeline.Server.SSHKey.Secret); ok { + if s, ok := c.findSecret(ctx, args, pipeline.Server.SSHKey.Secret); ok { spec.Server.SSHKey = s } @@ -153,14 +120,14 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { }) // creates the netrc file - if c.Netrc != nil && c.Netrc.Password != "" { + if args.Netrc != nil && args.Netrc.Password != "" { netrcfile := getNetrc(os) netrcpath := join(os, homedir, netrcfile) netrcdata := fmt.Sprintf( "machine %s login %s password %s", - c.Netrc.Machine, - c.Netrc.Login, - c.Netrc.Password, + args.Netrc.Machine, + args.Netrc.Login, + args.Netrc.Password, ) spec.Files = append(spec.Files, &engine.File{ Path: netrcpath, @@ -169,22 +136,30 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { }) } + // list the global environment variables + globals, _ := c.Environ.List(ctx, &provider.Request{ + Build: args.Build, + Repo: args.Repo, + }) + // create the default environment variables. envs := environ.Combine( - c.Environ, - c.Build.Params, + provider.ToMap( + provider.FilterUnmasked(globals), + ), + args.Build.Params, environ.Proxy(), - environ.System(c.System), - environ.Repo(c.Repo), - environ.Build(c.Build), - environ.Stage(c.Stage), - environ.Link(c.Repo, c.Build, c.System), + environ.System(args.System), + environ.Repo(args.Repo), + environ.Build(args.Build), + environ.Stage(args.Stage), + environ.Link(args.Repo, args.Build, args.System), clone.Environ(clone.Config{ - SkipVerify: c.Pipeline.Clone.SkipVerify, - Trace: c.Pipeline.Clone.Trace, + SkipVerify: pipeline.Clone.SkipVerify, + Trace: pipeline.Clone.Trace, User: clone.User{ - Name: c.Build.AuthorName, - Email: c.Build.AuthorEmail, + Name: args.Build.AuthorName, + Email: args.Build.AuthorEmail, }, }), // TODO(bradrydzewski) windows variable HOMEDRIVE @@ -200,16 +175,16 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { ) // create clone step, maybe - if c.Pipeline.Clone.Disable == false { + if pipeline.Clone.Disable == false { clonepath := join(os, spec.Root, "opt", getExt(os, "clone")) clonefile := genScript(os, clone.Commands( clone.Args{ - Branch: c.Build.Target, - Commit: c.Build.After, - Ref: c.Build.Ref, - Remote: c.Repo.HTTPURL, - Depth: c.Pipeline.Clone.Depth, + Branch: args.Build.Target, + Commit: args.Build.After, + Ref: args.Build.Ref, + Remote: args.Repo.HTTPURL, + Depth: args.Pipeline.Clone.Depth, }, ), ) @@ -234,15 +209,15 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { } // create steps - for _, src := range c.Pipeline.Steps { + for _, src := range pipeline.Steps { buildslug := slug.Make(src.Name) buildpath := join(os, spec.Root, "opt", getExt(os, buildslug)) buildfile := genScript(os, src.Commands) - cmd, args := getCommand(os, buildpath) + cmd, cmdArgs := getCommand(os, buildpath) dst := &engine.Step{ Name: src.Name, - Args: args, + Args: cmdArgs, Command: cmd, Detach: src.Detach, DependsOn: src.DependsOn, @@ -279,14 +254,14 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { // if the pipeline step has unmet conditions the step is // automatically skipped. if !src.When.Match(manifest.Match{ - Action: c.Build.Action, - Cron: c.Build.Cron, - Ref: c.Build.Ref, - Repo: c.Repo.Slug, - Instance: c.System.Host, - Target: c.Build.Deploy, - Event: c.Build.Event, - Branch: c.Build.Target, + Action: args.Build.Action, + Cron: args.Build.Cron, + Ref: args.Build.Ref, + Repo: args.Repo.Slug, + Instance: args.System.Host, + Target: args.Build.Deploy, + Event: args.Build.Event, + Branch: args.Build.Target, }) { dst.RunPolicy = engine.RunNever } @@ -294,15 +269,30 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { if isGraph(spec) == false { configureSerial(spec) - } else if c.Pipeline.Clone.Disable == false { + } else if pipeline.Clone.Disable == false { configureCloneDeps(spec) - } else if c.Pipeline.Clone.Disable == true { + } else if pipeline.Clone.Disable == true { removeCloneDeps(spec) } + // HACK: append masked global variables to secrets + // this ensures the environment variable values are + // masked when printed to the console. + masked := provider.FilterMasked(globals) + for _, step := range spec.Steps { + for _, g := range masked { + step.Secrets = append(step.Secrets, &engine.Secret{ + Name: g.Name, + Data: []byte(g.Data), + Mask: g.Mask, + Env: g.Name, + }) + } + } + for _, step := range spec.Steps { for _, s := range step.Secrets { - secret, ok := c.findSecret(ctx, s.Name) + secret, ok := c.findSecret(ctx, args, s.Name) if ok { s.Data = []byte(secret) } @@ -314,15 +304,25 @@ func (c *Compiler) Compile(ctx context.Context) *engine.Spec { // helper function attempts to find and return the named secret. // from the secret provider. -func (c *Compiler) findSecret(ctx context.Context, name string) (s string, ok bool) { +func (c *Compiler) findSecret(ctx context.Context, args runtime.CompilerArgs, name string) (s string, ok bool) { if name == "" { return } - found, _ := c.Secret.Find(ctx, &secret.Request{ + + // source secrets from the global secret provider + // and the repository secret provider. + provider := secret.Combine( + args.Secret, + c.Secret, + ) + + // TODO return an error to the caller if the provider + // returns an error. + found, _ := provider.Find(ctx, &secret.Request{ Name: name, - Build: c.Build, - Repo: c.Repo, - Conf: c.Manifest, + Build: args.Build, + Repo: args.Repo, + Conf: args.Manifest, }) if found == nil { return diff --git a/engine/compiler/compiler_test.go b/engine/compiler/compiler_test.go index b8a6edc..a62c60e 100644 --- a/engine/compiler/compiler_test.go +++ b/engine/compiler/compiler_test.go @@ -13,13 +13,15 @@ import ( "os" "testing" - "github.com/dchest/uniuri" "github.com/drone-runners/drone-runner-ssh/engine" "github.com/drone-runners/drone-runner-ssh/engine/resource" + "github.com/drone-runners/drone-runner-ssh/runtime" + + "github.com/dchest/uniuri" "github.com/drone/drone-go/drone" + "github.com/drone/runner-go/environ/provider" "github.com/drone/runner-go/manifest" "github.com/drone/runner-go/secret" - "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" ) @@ -94,22 +96,27 @@ func TestCompile_RunFaiure(t *testing.T) { // at compile time. func TestCompile_Secrets(t *testing.T) { manifest, _ := manifest.ParseFile("testdata/secret.yml") - compiler := Compiler{} - compiler.Build = &drone.Build{} - compiler.Repo = &drone.Repo{} - compiler.Stage = &drone.Stage{} - compiler.System = &drone.System{} - compiler.Netrc = &drone.Netrc{} - compiler.Manifest = manifest - compiler.Pipeline = manifest.Resources[0].(*resource.Pipeline) - compiler.Secret = secret.StaticVars(map[string]string{ - "ssh_hostname": "localhost:22", - "ssh_username": "root", - "ssh_password": "password", - "ssh_key": "-----BEGIN RSA PRIVATE KEY-----", - "my_username": "octocat", - }) - ir := compiler.Compile(nocontext) + compiler := Compiler{ + Environ: provider.Static(nil), + Secret: secret.StaticVars(map[string]string{ + "ssh_hostname": "localhost:22", + "ssh_username": "root", + "ssh_password": "password", + "ssh_key": "-----BEGIN RSA PRIVATE KEY-----", + "my_username": "octocat", + }), + } + args := runtime.CompilerArgs{ + Repo: &drone.Repo{}, + Build: &drone.Build{}, + Stage: &drone.Stage{}, + System: &drone.System{}, + Netrc: &drone.Netrc{}, + Manifest: manifest, + Pipeline: manifest.Resources[0].(*resource.Pipeline), + Secret: secret.Static(nil), + } + ir := compiler.Compile(nocontext, args) got := ir.Steps[0].Secrets want := []*engine.Secret{ { @@ -163,15 +170,20 @@ func testCompile(t *testing.T, source, golden string) *engine.Spec { return nil } - compiler := Compiler{} - compiler.Build = &drone.Build{Target: "master"} - compiler.Repo = &drone.Repo{} - compiler.Stage = &drone.Stage{} - compiler.System = &drone.System{} - compiler.Netrc = &drone.Netrc{Machine: "github.com", Login: "octocat", Password: "correct-horse-battery-staple"} - compiler.Manifest = manifest - compiler.Pipeline = manifest.Resources[0].(*resource.Pipeline) - got := compiler.Compile(nocontext) + compiler := Compiler{ + Environ: provider.Static(nil), + Secret: secret.Static(nil), + } + args := runtime.CompilerArgs{ + Manifest: manifest, + Pipeline: manifest.Resources[0].(*resource.Pipeline), + Build: &drone.Build{Target: "master"}, + Stage: &drone.Stage{}, + Repo: &drone.Repo{}, + System: &drone.System{}, + Netrc: &drone.Netrc{Machine: "github.com", Login: "octocat", Password: "correct-horse-battery-staple"}, + } + got := compiler.Compile(nocontext, args) raw, err := ioutil.ReadFile(golden) if err != nil { diff --git a/engine/spec.go b/engine/spec.go index 65a53c9..b4daeac 100644 --- a/engine/spec.go +++ b/engine/spec.go @@ -6,7 +6,7 @@ package engine type ( // Spec provides the pipeline spec. This provides the - // required instructions for reproducable pipeline + // required instructions for reproducible pipeline // execution. Spec struct { Server Server `json:"server,omitempty"` @@ -35,7 +35,7 @@ type ( IgnoreErr bool `json:"ignore_err,omitempty"` IgnoreStdout bool `json:"ignore_stderr,omitempty"` IgnoreStderr bool `json:"ignore_stdout,omitempty"` - Name string `json:"name,omitempt"` + Name string `json:"name,omitempty"` RunPolicy RunPolicy `json:"run_policy,omitempty"` Secrets []*Secret `json:"secrets,omitempty"` WorkingDir string `json:"working_dir,omitempty"` diff --git a/go.mod b/go.mod index 4a069d3..90cb34f 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/drone-runners/drone-runner-ssh -go 1.13 +go 1.16 require ( github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc // indirect @@ -9,7 +9,7 @@ require ( github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9 github.com/drone/drone-go v1.7.1 github.com/drone/envsubst v1.0.2 - github.com/drone/runner-go v1.3.1 + github.com/drone/runner-go v1.7.0 github.com/drone/signal v1.0.0 github.com/google/go-cmp v0.3.0 github.com/gosimple/slug v1.5.0 @@ -26,4 +26,6 @@ require ( golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa golang.org/x/sync v0.0.0-20190423024810-112230192c58 gopkg.in/alecthomas/kingpin.v2 v2.2.6 + gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect ) diff --git a/go.sum b/go.sum index b7f1cde..030fe46 100644 --- a/go.sum +++ b/go.sum @@ -42,9 +42,15 @@ github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= +github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= +github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/mattn/go-isatty v0.0.8 h1:HLtExJ+uU2HOZ+wI0Tt5DtUDrx8yhUqDcp7fYERX4CE= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/natessilva/dag v0.0.0-20180124060714-7194b8dcc5c4 h1:dnMxwus89s86tI8rcGVp2HwZzlz7c5o92VOy7dSckBQ= @@ -62,6 +68,7 @@ github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= diff --git a/runtime/execer.go b/runtime/execer.go index a60d59d..4071030 100644 --- a/runtime/execer.go +++ b/runtime/execer.go @@ -133,9 +133,9 @@ func (e *execer) exec(ctx context.Context, state *pipeline.State, spec *engine.S } switch { - case state.Skipped(): - return nil case state.Cancelled(): + // skip if the pipeline was cancelled, either by the + // end user or due to timeout. return nil case step.RunPolicy == engine.RunNever: return nil diff --git a/runtime/runner.go b/runtime/runner.go index 28fbd90..aa39f45 100644 --- a/runtime/runner.go +++ b/runtime/runner.go @@ -14,7 +14,6 @@ import ( "time" "github.com/drone-runners/drone-runner-ssh/engine" - "github.com/drone-runners/drone-runner-ssh/engine/compiler" "github.com/drone-runners/drone-runner-ssh/engine/resource" "github.com/drone/drone-go/drone" @@ -33,6 +32,10 @@ type Runner struct { // with the central server. Client client.Client + // Compiler is responsible for compiling the pipeline + // configuration to the intermediate representation. + Compiler Compiler + // Execer is responsible for executing intermediate // representation of the pipeline and returns its results. Execer Execer @@ -54,9 +57,6 @@ type Runner struct { // intended as a security measure to prevent a runner from // processing an unwanted pipeline. Match func(*drone.Repo, *drone.Build) bool - - // Secret provides the compiler with secrets. - Secret secret.Provider } // Run runs the pipeline stage. @@ -183,15 +183,13 @@ func (s *Runner) Run(ctx context.Context, stage *drone.Stage) error { secrets := secret.Combine( secret.Static(data.Secrets), secret.Encrypted(), - s.Secret, ) // compile the yaml configuration file to an intermediate // representation, and then - comp := &compiler.Compiler{ + args := CompilerArgs{ Pipeline: resource, Manifest: manifest, - Environ: s.Environ, Build: data.Build, Stage: stage, Repo: data.Repo, @@ -200,7 +198,7 @@ func (s *Runner) Run(ctx context.Context, stage *drone.Stage) error { Secret: secrets, } - spec := comp.Compile(ctx) + spec := s.Compiler.Compile(ctx, args) for _, src := range spec.Steps { // steps that are skipped are ignored and are not stored // in the drone database, nor displayed in the UI. diff --git a/runtime/type.go b/runtime/type.go new file mode 100644 index 0000000..815e6b0 --- /dev/null +++ b/runtime/type.go @@ -0,0 +1,65 @@ +// Copyright 2019 Drone.IO Inc. All rights reserved. +// Use of this source code is governed by the Polyform License +// that can be found in the LICENSE file. + +package runtime + +import ( + "context" + + "github.com/drone-runners/drone-runner-ssh/engine" + "github.com/drone-runners/drone-runner-ssh/engine/resource" + + "github.com/drone/drone-go/drone" + "github.com/drone/runner-go/manifest" + "github.com/drone/runner-go/secret" +) + +type ( + // CompilerArgs provides compiler arguments. + CompilerArgs struct { + // Manifest provides the parsed manifest. + Manifest *manifest.Manifest + + // Pipeline provides the parsed pipeline. This pipeline is + // the compiler source and is converted to the intermediate + // representation by the Compile method. + Pipeline *resource.Pipeline + + // Build provides the compiler with stage information that + // is converted to environment variable format and passed to + // each pipeline step. It is also used to clone the commit. + Build *drone.Build + + // Stage provides the compiler with stage information that + // is converted to environment variable format and passed to + // each pipeline step. + Stage *drone.Stage + + // Repo provides the compiler with repo information. This + // repo information is converted to environment variable + // format and passed to each pipeline step. It is also used + // to clone the repository. + Repo *drone.Repo + + // System provides the compiler with system information that + // is converted to environment variable format and passed to + // each pipeline step. + System *drone.System + + // Netrc provides netrc parameters that can be used by the + // default clone step to authenticate to the remote + // repository. + Netrc *drone.Netrc + + // Secret returns a named secret value that can be injected + // into the pipeline step. + Secret secret.Provider + } + + // Compiler compiles the Yaml configuration file to an + // intermediate representation optimized for simple execution. + Compiler interface { + Compile(context.Context, CompilerArgs) *engine.Spec + } +) From 9ab668de28424a4fb2b5394a61f60948714beb5f Mon Sep 17 00:00:00 2001 From: Doug Simmons Date: Wed, 27 Jul 2022 13:09:55 -0700 Subject: [PATCH 2/2] Rebase and resolve merge conflicts for go.sum --- go.sum | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/go.sum b/go.sum index 030fe46..01444ae 100644 --- a/go.sum +++ b/go.sum @@ -19,14 +19,13 @@ github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9 h1:74lLNRzvsdIlkTgfD github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4= github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/drone/drone-go v1.0.5-0.20190504210458-4d6116b897ba h1:GKiT4UPBligLXJAP1zRllHvTUygAAlgS3t9LM9aasp0= -github.com/drone/drone-go v1.0.5-0.20190504210458-4d6116b897ba/go.mod h1:GxyeGClYohaKNYJv/ZpsmVHtMJ7WhoT+uDaJNcDIrk4= +github.com/drone/drone-go v1.6.0/go.mod h1:fxCf9jAnXDZV1yDr0ckTuWd1intvcQwfJmTRpTZ1mXg= github.com/drone/drone-go v1.7.1 h1:ZX+3Rs8YHUSUQ5mkuMLmm1zr1ttiiE2YGNxF3AnyDKw= github.com/drone/drone-go v1.7.1/go.mod h1:fxCf9jAnXDZV1yDr0ckTuWd1intvcQwfJmTRpTZ1mXg= github.com/drone/envsubst v1.0.2 h1:dpYLMAspQHW0a8dZpLRKe9jCNvIGZPhCPrycZzIHdqo= github.com/drone/envsubst v1.0.2/go.mod h1:bkZbnc/2vh1M12Ecn7EYScpI4YGYU0etwLJICOWi8Z0= -github.com/drone/runner-go v1.3.1 h1:RNLOQOH0EZD0vMT1SDQUPReVOnh1Wbx1D9gQyKH1McI= -github.com/drone/runner-go v1.3.1/go.mod h1:61VgQWhZbNPXp01lBuR7PAztTMySGLnMzK/4oYE3D9Y= +github.com/drone/runner-go v1.7.0 h1:bxvopa3zJJnEqjTsW/a7tn0syfvo0X9B0VBm+7IQLEU= +github.com/drone/runner-go v1.7.0/go.mod h1:rKn98jQVmPzrXYX8kPCupAn3QwxyhmR0lX9hvFiJJI8= github.com/drone/signal v1.0.0 h1:NrnM2M/4yAuU/tXs6RP1a1ZfxnaHwYkd0kJurA1p6uI= github.com/drone/signal v1.0.0/go.mod h1:S8t92eFT0g4WUgEc/LxG+LCuiskpMNsG0ajAMGnyZpc= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -42,7 +41,6 @@ github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= @@ -68,7 +66,6 @@ github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -98,9 +95,10 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=